Overnight Cybersecurity: Trump-linked data firm Cambridge Analytica attracts scrutiny | House passes cyber response team bill | What to know about Russian cyberattacks on energy grid

Overnight Cybersecurity: Trump-linked data firm Cambridge Analytica attracts scrutiny | House passes cyber response team bill | What to know about Russian cyberattacks on energy grid
© Getty

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...



--TRUMP-LINKED DATA FIRM INVITES SCRUTINY: Cambridge Analytica is attracting massive scrutiny following reports from the New York Times and The Observer of London that the data mining firm obtained private data on 50 million Facebook users to fuel its operation. The firm, which has links to President TrumpDonald John TrumpGrassley: Dems 'withheld information' on new Kavanaugh allegation Health advocates decry funding transfer over migrant children Groups plan mass walkout in support of Kavanaugh accuser MORE's former chief strategist Steve BannonStephen (Steve) Kevin BannonBannon: Italy’s coalition government ‘will change global politics’ Our policies on immigration should be forward-thinking Ann Coulter believes Kushner wrote anonymous op-ed bashing Trump MORE and GOP megadonor Robert Mercer, was paid $5.9 million by the Trump campaign for data management services ahead of the 2016 presidential election. The firm is facing allegations that it obtained the data improperly, and the developments have prompted a new round of debate over data privacy. House intelligence Committee ranking member Adam SchiffAdam Bennett SchiffKey House Dem's objections stall intel bill as deadline looms The Hill's Morning Report — Sponsored by United Against Nuclear Iran — Kavanaugh and his accuser will testify publicly Russia probe accelerates political prospects for House Intel Dems MORE (D-Calif.) on Sunday said that Cambridge Analytica needs to testify before Congress on the developments, and the lawmaker has also sent a letter to the whistleblower who exposed the issue inviting him to testify. Cambridge Analytica vehemently pushed back on Monday. "This Facebook data was not used by Cambridge Analytica as part of the services it provided to the Donald Trump presidential campaign; personality targeted advertising was not carried out for this client either. The company has made this clear since 2016," it said in a statement. Facebook announced that it was suspending Cambridge Analytica from the platform late Friday, citing policy violations.


--NEW CRISIS FOR FACEBOOK: The developments have created a new headache for Facebook, with CEO Mark ZuckerbergMark Elliot ZuckerbergFight looms over national privacy law Facebook teaming with nonprofits to fight fake election news China may be copying Facebook to build an intelligence weapon MORE now facing calls to testify before Congress as renewed focus falls on the tech giant's privacy practices. Sens. Amy KlobucharAmy Jean KlobucharSenate Democrats increase pressure for FBI investigation of Kavanaugh Election Countdown: Trump confident about midterms in Hill.TV interview | Kavanaugh controversy tests candidates | Sanders, Warren ponder if both can run | Super PACs spending big | Two states open general election voting Friday | Latest Senate polls GOP in striking distance to retake Franken seat MORE (D-Minn.) and John KennedyJohn Neely KennedyMORE (R-La.) on Monday requested that the Senate Judiciary Committee call major tech CEOs to testify about how internet platforms oversee the use of consumer data for political advertising. While the request included several tech firms, it was clearly triggered by the report about Facebook data being used by Cambridge Analytica. "The lack of oversight on how data is stored and how political advertisements are sold raises concerns about the integrity of American elections as well as privacy rights," the senators wrote in a letter to Judiciary Chairman Chuck GrassleyCharles (Chuck) Ernest GrassleyGrassley: Dems 'withheld information' on new Kavanaugh allegation Feinstein calls for hold on Kavanaugh consideration Grassley releases letter detailing Kavanaugh sexual assault allegation MORE (R-Iowa). The data was reportedly given to Cambridge Analytica by a researcher who had developed an app that relied on Facebook's login feature. While only about 270,000 people handed over information through the app, Facebook at the time allowed developers to tap into the entire friend networks of users. That feature, according to the report, allowed the researcher to collect the data of more than 50 million people.

To read more from our coverage, click herehere and here.

Click here for five things to watch as the Cambridge Analytica story unfolds.


-- FACEBOOK SECURITY CHIEF LEAVING: Facebook's chief information security officer is stepping down after battling with other company officials on how to handle the spread of disinformation on the platform, The New York Times reported Monday.

Alex Stamos said that he would leave Facebook in December after his daily duties were assigned to other company staffers, but agreed to stay with the network until August to help with the transition.

He had advocated for Facebook to be transparent about the activity of Russians and other trolls on the platform, clashing with other executives, including chief operating officer Sheryl Sandberg, according to The Times.

Lawmakers have criticized Facebook and other tech giants for allegedly not doing enough to fight Russian influence on the 2016 election.

To read more, click here.


-- SESSIONS FIRES MCCABE FROM FBI: Attorney General Jeff SessionsJefferson (Jeff) Beauregard SessionsTrump distances himself from Rosenstein by saying Sessions hired him Gowdy: Declassified documents unlikely to change anyone's mind on Russia investigation Pompeo on Rosenstein bombshell: Maybe you just ought to find something else to do if you can't be on the team MORE on Friday fired Andrew McCabeAndrew George McCabeHouse Judiciary chair threatens subpoena if DOJ doesn’t supply McCabe memos by Tuesday Rosenstein report gives GOP new ammo against DOJ Graham: There's a 'bureaucratic coup' taking place against Trump MORE, the No. 2 official at the FBI and a longtime target of President Trump. McCabe's ouster comes just days before he was scheduled to retire on Sunday, after more than 20 years at the bureau. McCabe had already stepped down under pressure in January and has been on a leave of absence since. In a statement Friday evening, Sessions said that the FBI's Office of Professional Responsibility and Office of Inspector General (OIG) had found McCabe made an unauthorized disclosure to the news media and "lacked candor -- including under oath -- on multiple occasions." "Pursuant to Department Order 1202, and based on the report of the Inspector General, the findings of the FBI Office of Professional Responsibility, and the recommendation of the Department's senior career official, I have terminated the employment of Andrew McCabe effective immediately," Sessions said. McCabe quickly declared that his termination and Trump's needling against him were an effort to undermine special counsel Robert MuellerRobert Swan MuellerSasse: US should applaud choice of Mueller to lead Russia probe MORE's investigation, in which he could be a potential witness. "The idea that I was dishonest is just wrong," McCabe told The New York Times. "This is part of an effort to discredit me as a witness." McCabe's dismissal came at the recommendation of an internal FBI office that handles disciplinary matters. According to the Times, the recommendation was based on a finding from the Justice Department inspector general that McCabe was not forthcoming during the review, which includes an investigation into a decision he made in 2016 to allow FBI officials to speak with reporters about an investigation into the Clinton Foundation.  It is unclear why the inspector general, Michael Horowitz, chose to act on his findings regarding McCabe before closing the overall investigation into decisions made during the 2016 election. Horowitz has said publicly that he expects to issue his final report this spring. While the exact details of the allegations against McCabe remain unclear, the high-profile dismissal ignited a political firestorm in Washington, with an outpouring response from Democratic lawmakers and former top intelligence community leaders like former FBI Director James ComeyJames Brien ComeyRosenstein report gives GOP new ammo against DOJ Gowdy: Declassified documents unlikely to change anyone's mind on Russia investigation Pompeo on Rosenstein bombshell: Maybe you just ought to find something else to do if you can't be on the team MORE and former CIA chief James Brennan in the days that followed.

To read the rest of our coverage, click here and here.


-- SENATE INTEL TO HOLD ELECTION SECURITY BRIEFING: The Senate Intelligence Committee has scheduled an open hearing on threats to U.S. election security on Wednesday morning, which comes as the 2018 midterm elections draws near. The committee announced Monday that the hearing will feature three separate panels to address the issue of election security with representatives from a range of agencies like the Department of Homeland Security (DHS), Election Assistance Commission, and National Association of Secretaries of State. DHS Secretary Kirstjen NielsenKirstjen Michele NielsenFEMA head to reimburse government for use of federal vehicles: report US to prioritize attacks against foreign adversaries under new cyber strategy Paddlers sue Trump over frequent golf visits shutting down the Potomac River MORE is scheduled to appear for the first panel alongside her Obama administration predecessor, former DHS Secretary Jeh Johnson. The hearing will explore how DHS is engaging states to prepare for the midterms, what the panel has learned about Russian interference in the 2016 presidential election, and how prepared states say they are to combat cyber threats, according to an advisory for the hearing. Election interference has increasingly gained attention as lawmakers and security experts raise concern over whether election systems across the country are properly secure to combat further meddling attempts. The Senate committee has been investigating Russian meddling in the presidential election for more than a year. One day before the hearing takes place, the committee is expected to release a public report on election security. The top Democrat on the committee, Sen. Mark WarnerMark Robert WarnerKey House Dem's objections stall intel bill as deadline looms Russia docs order sets Trump on collision with intel community Hillicon Valley: North Korean IT firm hit with sanctions | Zuckerberg says Facebook better prepared for midterms | Big win for privacy advocates in Europe | Bezos launches B fund to help children, homeless MORE (D-Va.), has warned that Russians still seek to sow discord in U.S. affairs, pointing recently to their efforts to intensify divisions in the gun control debate following the Parkland school shooting in Florida. Chairman Richard BurrRichard Mauze BurrKey House Dem's objections stall intel bill as deadline looms Trump assures storm victims in Carolinas: 'We will be there 100 percent' Overnight Energy: Trump rolls back methane pollution rule | EPA watchdog to step down | China puts tariffs on US gas MORE (R-N.C.) and Warner have worked together in nearly perfect lockstep as they sought to examine the core consequences of Russian activity.


-- TRUMP BANS TRADE IN VENEZUELAN GOVERNMENT CRYPTOCURRENCY: President Trump on Monday imposed new sanctions against the Venezuelan government, banning U.S. citizens from dealing in the South American country's new cryptocurrency. An executive order bans "all transactions related to, provision of financing for, and other dealings in" any digital currency issued by or for the Venezuelan government. The sanctions targeting the petro -- the digital currency announced by Venezuelan President Nicolás Maduro in December -- have been in the works for weeks. Trump has consistently ratcheted up sanctions against Venezuela since his inauguration, and is reportedly considering directly targeting the country's oil industry.  Most of his sanctions have drawn bipartisan praise -- a reflection of Maduro's dim public image internationally -- but critics have warned that full economic sanctions could further hurt the Venezuelan people. Maduro in December explicitly touted the petro as a way to "overcome the financial blockade," making clear that his administration views the cryptocurrency as a way around the sanctions on many of its top leaders.

To read the rest of our piece, click here.



--HOUSE APPROPRIATORS PRESSED TO FUND DHS CYBER PROGRAM: Three lawmakers are pressing House appropriators to fully fund a key cybersecurity program at the Department of Homeland Security in funding legislation for the next fiscal year.

The program, called the Continuous Diagnostics and Mitigation (CDM) program, is part of the department's broader effort to keep federal networks secure from cyberattacks.

Reps. John RatcliffeJohn Lee RatcliffeTrump’s new cyber approach: The best defense is a good offense Over 100 lawmakers consistently voted against chemical safeguards: report GOP lawmakers nearing deal to get Nellie Ohr to testify MORE (R-Texas), Will HurdWilliam Ballard HurdDem introduces bill to create federal cybersecurity apprenticeship program Koch group launches digital ads in tight Texas House race Gingrich: Bushes view themselves as closer to Obamas, Clintons than to Trump MORE (R-Texas) and Jim LangevinJames (Jim) R. LangevinTrump’s new cyber approach: The best defense is a good offense The Hill's Morning Report — Sponsored by Better Medicare Alliance — Facing major hurricane, Trump is tested House panel approves bill to codify key cybersecurity program at DHS MORE (D-R.I.) wrote to the leaders of the House Appropriations Committee on Thursday asking that $237 million be allotted for the CDM program in fiscal 2019 appropriations legislation.

The request is on par with the $237.6 million proposed by the Trump administration in its 2019 budget blueprint for Homeland Security.

"The CDM program is of paramount importance because of its ability to provide the federal enterprise with the ability to monitor and assess the vulnerabilities and threats to its networks and systems in an ever-changing cyber threat landscape," the lawmakers, who are on the House Homeland Security Committee, wrote.

The Homeland Security Department launched the CDM program back in 2012 in order to better guard federal .gov networks against cyber threats. The department broke down the program into four different phases, the first of which focused on managing what software is on federal networks and identifying vulnerabilities.

To read the rest of our piece, click here.


--HOUSE PASSES BILL AUTHORIZING CYBER RESPONSE TEAMS: House lawmakers on Monday passed legislation that would codify into law the Department of Homeland Security's cyber incident response teams that help protect federal networks and critical infrastructure from cyberattacks.

Lawmakers passed the bill, sponsored by House Homeland Security Committee Chairman Michael McCaulMichael Thomas McCaulHillicon Valley: Manafort to cooperate with Mueller probe | North Korea blasts US over cyber complaint | Lawmakers grill Google over China censorship | Bezos to reveal HQ2 location by year's end Overnight Defense: Details on defense spending bill | NATO chief dismisses talk of renaming HQ for McCain | North Korea warns US over cyber allegations Bipartisan House group presses Google over China censorship MORE (R-Texas), in a voice vote Monday afternoon.

The legislation would authorize the "cyber hunt and incident response teams" at Homeland Security to help owners and operators of critical infrastructure respond to cyberattacks as well as provide strategies for mitigating cybersecurity risks.

The bill would also allow Secretary of Homeland Security Kirstjen Nielsen to add cybersecurity specialists from the private sector to the response teams.

It would require that Homeland Security's National Cybersecurity and Communications Integration Center -- the office in which the response teams are housed -- continually evaluate the response teams and report to Congress on their efforts at the end of each fiscal year for four years after the bill becomes law.

The House Homeland Security Committee approved the bill earlier this month.

"My legislation before us today, codifies and enhances the cyber incident response teams at DHS," McCaul said in remarks on Monday.

"By fostering new collaboration between the government and private sector, we can harness our talent and maximize our efforts to stay one step ahead of our enemies," McCaul said. "This innovative approach serves as a force multiplier to enhance our cybersecurity workforce. Being able to utilize a greater number of experts will strengthen efforts to protect our cyber networks."

To read more from our piece, click here.



Chinese hackers have been targeting the U.S. maritime industry in spy operations since last summer, cybersecurity firm FireEye said Friday.

The hackers have stepped up their activity over the past two months, a development that's linked to a Chinese cyber espionage group dubbed "TEMP.Periscope" by FireEye that is also known as "Leviathan." While the group has been active since at least 2013, researchers said its activity dropped off for several years and only reemerged last summer.

The group has largely targeted maritime and engineering focused-entities in the United States, including research institutes, academic organizations and private companies. FireEye has also seen evidence of the group targeting organizations in Europe and Hong Kong.

The group's targets include those with links to the South China Sea, where tensions have run high as a result of territorial disputes. China has built artificial islands in the region in an attempt to extend its position in the area, despite multiple countries laying claim to territory in the South China Sea.

"We've really seen a big upswing in their activity in the last two months," said Ben Read, senior manager of cyber espionage analysis at FireEye. "They've been heavily targeting U.S. entities."

In 2015, the U.S. and China inked an agreement to deepen cooperation on confronting cyberattacks and stop supporting cyber-enabled intellectual property theft against firms within each others' borders.

While FireEye has not established a definitive connection to the Chinese government, Read observed that the hackers' targets suggest they may be working on behalf of the government in some capacity.

To read the rest of our coverage, click here.



Email service calls White House staffer a 'password idiot' for leaving encrypted email account details at a D.C. bus stop. (The Hill)



RUSSIAN ENERGY GRID ATTACKS: Trump administration officials on Thursday accused the Russian government of staging a multi-year cyberattack campaign against the energy grid and other elements of critical infrastructure in the United States.

The alert from the Department of Homeland Security and the FBI coincided with the administration's decision to unveil new sanctions on Russia for 2016 election meddling and other cyber activities -- developments that are sure to ramp up tensions between the U.S. and Moscow.  

Here are five things to know about Russian cyberattacks against U.S. infrastructure.



Links from our blog, The Hill, and around the Web.

GOP chairman threatens subpoena for FBI records on Clinton probe. (The Hill)

Woman dies after being hit by self-driving Uber. (The Hill)

White House: No discussions about firing Mueller. (The Hill)

Kelly names Kushner ally deputy chief of staff. (The Hill)

Republicans warn against firing Mueller, yet little show of appetite to pass law protecting him. (CNN)

New DHS-backed center created to address election security. (CyberScoop)

Trump once planned to tap Gary Cohn to head the CIA. (Politico)

Russian outlets say Moscow's election commission came under cyberattack. (RT)

Why the Cambridge Analytica issue is not a data breach. (Motherboard)